- Update to version 0.4.1:
 * retcode: fix return code with syncfd and no event_fd
 * Ensure we're always clearing the cap bounding set
 * tests: Update output patterns for libcap >= 2.29
 * Don't rely on geteuid() to know when to switch back from setuid root
 * Don't support --userns2 in setuid mode
 * fixes CVE-2020-5291
 * fixes bsc#1168291

• Files Changed
• Browse Source

Update bubblewrap to version 0.4.0 as part of the flatpak update to
1.6.0

- Update to version 0.4.0:
  + The biggest feature in this release is the support for joining
    existing user and pid namespaces. This doesn't work in the
    setuid mode (at the moment).
  + Other changes:
    - Stores namespace info in status json.
    - In setuid mode pid 1 is now marked dumpable.
    - Now builds with musl libc.

- Use /bin/bash instead of /usr/bin/bash in SLE12

- Update to version 0.3.3:
 - This release is the same as 0.3.2 but the version number in configure.ac
   was accidentally still set to 0.3.1
- Update to version 0.3.2:
 - fixes boo#1136958 / CVE-2019-12439
  This release fixes a mostly theoretical security issue in unusual/broken
  setups where `$XDG_RUNTIME_DIR` is unset.
  There are some other smaller fixes, as well as an addition to the JSON
  API that allows reading the inner process exit code, separately from
  the `bwrap` exit code.
  - Print "Out of memory" on stderr, not stdout
  - bwrap: add option json-status-fd to show child exit code
  - bwrap: Report COMMAND exit code in json-status-fd
  - man page: Describe --chdir, not nonexistent --cwd
  - Don't create our own temporary mount point for pivot_root
  - Make lockdata long enough on 32-bit with 64-bit file pointers.

• Files Changed
• Browse Source

initialize package

• Browse Source